The Defense Information Systems Agency is using a commercial application on its Global Combat Support System that provides identity, account management and enhanced security with a single sign-on.

DISA is upgrading its GCSS servers to Version 3.3 with the new tool, Secure Authentication Framework for the Enterprise (SAFE). Northrop Grumman Information Technology of Herndon, Va., and Waveset Technologies of Austin, Texas, developed the framework for DISA and began rolling it out last month.

GCSS collects logistics data from various combat support information systems and feeds the data to joint warfighters in a fused combat picture that lets military planners manage and monitor everything from personnel to equipment.

'One of the key challenges in deploying such a highly integrated and data-centric 'system of systems' is the management of user security, including account permissions, credentials and profile data,' said Russ Riva, manager of systems development for Northrop Grumman IT's Defense Mission Systems.

What's needed

To secure the data effectively, a system must guarantee data protection, accurate transactions, and user authentication and privacy'capabilities that SAFE provides, Riva said.Deploying SAFE increases security on the integrated systems that make up GCSS, said Lt. Col. Elliott Cruz, program manager of GCSS.

'What happened was, as GCSS came into the picture in the early stages, we had a requirement to provide an underlying security architecture,' Cruz said. 'GCSS uses a DOD public-key infrastructure on the Secure IP Router Network. As we were developing our Web app, a requirement to manage this became a difficult thing to solve. There were differences between different types of administrators, different types of users.'

DISA found the solution to the quandary in SAFE, a merged software tool.

Earlier versions of GCSS used government software developed by DISA with Northrop Grumman. 'To enhance our security features, all this information is being cross-linked and cross-utilized,' Cruz said.

Martin Gross, chief of combat support systems at DISA, said the network-centric vision of Defense leaders has been the driving force behind the addition of extra layers of security.

'We have to have security mechanisms in place, authentication to control that information,' Gross said. 'This provides us with that solution to meet that customer-driven requirement.'